268188c1bf1297a227b82968be3609e55b23414a8142ae1d3ae61cc36d9e9b1c | Triage

Sharing

General

Target

268188c1bf1297a227b82968be3609e55b23414a8142ae1d3ae61cc36d9e9b1c
Size

206KB
Sample

240801-1egg9s1elf
MD5

6bac7c483484656a31483308bd3ecc42
SHA1

573d899ed7227e76f6a8efce98949d66b7251782
SHA256

268188c1bf1297a227b82968be3609e55b23414a8142ae1d3ae61cc36d9e9b1c
SHA512

0222b4ee55f632a99d1d30a0c966a6978b153d146099c4b3f2c9d485c87eb80c7c8bcb5d169923336fc7224b49dba639e468a58326267cb37ec9818520e6f6de
SSDEEP

3072:9QWpze+eO888888888888888888888888888888888888888888888888888888P:Lpe+ekeq1Ype+ekeq1G

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  268188c1bf1297a227b82968be3609e55b23414a8142ae1d3ae61cc36d9e9b1c
- Size
  
  206KB
- MD5
  
  6bac7c483484656a31483308bd3ecc42
- SHA1
  
  573d899ed7227e76f6a8efce98949d66b7251782
- SHA256
  
  268188c1bf1297a227b82968be3609e55b23414a8142ae1d3ae61cc36d9e9b1c
- SHA512
  
  0222b4ee55f632a99d1d30a0c966a6978b153d146099c4b3f2c9d485c87eb80c7c8bcb5d169923336fc7224b49dba639e468a58326267cb37ec9818520e6f6de
- SSDEEP
  
  3072:9QWpze+eO888888888888888888888888888888888888888888888888888888P:Lpe+ekeq1Ype+ekeq1G
Score

9^/10

discovery ransomware
- Renames multiple (3920) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware